1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-03 05:10:03 +02:00
Commit Graph

83646 Commits

Author SHA1 Message Date
Michael Niedermayer
5d81616be3 avcodec/mpegaudiodec_template: Correct return code on id3 tag discarding
Fixes: 665/clusterfuzz-testcase-4863789881098240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 22:23:53 +01:00
Rostislav Pehlivanov
70259737cb opus_pvq: prevent division by 0
res was 0 and divided K which made it infinity which caused K to
overflow.

Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2017-02-24 19:14:55 +00:00
Paul B Mahol
e01c32f260 avcodec/scpr: remove 4 dead store
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-24 19:49:39 +01:00
Paul B Mahol
c583e701bd avcodec/fmvc: initialize opcode to 0
It shouldn't really matter but it doesn't hurt.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-24 15:50:16 +01:00
Paul B Mahol
0a28c50506 avcodec/scpr: improve motion vectors checking for out of buffer write
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-24 15:27:19 +01:00
Michael Niedermayer
c87ea47481 tools/target_dec_fuzzer: Fix misaligned read
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 14:12:13 +01:00
Michael Niedermayer
2b8b7921c5 avcodec/vp3dsp: Fix multiple signed integer overflow: 46341 * 47523 cannot be represented in type 'int'
Fixes: 664/clusterfuzz-testcase-4917047475568640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 14:12:13 +01:00
Michael Niedermayer
8696f25444 avcodec/rv34: Simplify and factor get_slice_offset() code
This also fixes several integer overflows by checking each value before
use.
Fixes: 662/clusterfuzz-testcase-4898131432964096

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 14:12:12 +01:00
Paul B Mahol
178cd50c47 avcodec/scpr: make sure that component value is <= 0x1F for 16 bpc
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-24 12:02:48 +01:00
Paul B Mahol
fa3e49568d avcodec/aic: unbreak decoding of files with slice_width != 16
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-24 11:35:02 +01:00
Carl Eugen Hoyos
560f5188c6 lavc/utils: Make second parameter to apply_param_change() const.
Fixes a compilation warning:
passing argument 2 of ‘apply_param_change’ discards ‘const’ qualifier from pointer target type
2017-02-24 11:04:37 +01:00
Rostislav Pehlivanov
f19442c069 opus_pvq: remove unneeded assert
Since the PVQ search has been well fuzzed and is guaranteed to never
break SUM(abs(y[])) == K, the assert is no longer needed.
Also the assert only prevented coding the wrong vector index but didn't
prevent crashes during searching for it, which made the assert rather
informational than practical.

Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2017-02-24 07:06:59 +00:00
Rostislav Pehlivanov
22b8ada7b5 opus_pvq: improve PVQ search for low Ks
Since the probelm mentioned only happened when the phase was negative
(e.g. the sum had to be decreased), only discarding dimensions with a
zero pulse in that case restored the search's previously low distortion
at low Ks when the phase is never negative.

Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2017-02-24 07:03:12 +00:00
Michael Niedermayer
0d85c7bb5a avcodec/ituh263dec: Fix runtime error: left shift of 1342177279 by 1 places cannot be represented in type 'int'
Fixes: 659/clusterfuzz-testcase-5866673603084288

Huge DMV could be created by an encoder ignoring the spec

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 00:38:45 +01:00
Michael Niedermayer
e98dfeb27c avcodec/jpeglsdec: check shift for values that cause overflow later
Fixes: 657/clusterfuzz-testcase-6674741433729024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 00:38:45 +01:00
Michael Niedermayer
76ba09d182 avcodec/mpeg4videodec: Check the other 3 sprite points for intermediate overflows
This is not necessarily specific to fuzzed files

Fixes: Multiple integer overflows
Fixes: 656/clusterfuzz-testcase-6463814516080640
Fixes: 658/clusterfuzz-testcase-6691260146384896

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 00:38:45 +01:00
Mark Thompson
359586f14f lavfi: Add VAAPI deinterlacer
(cherry picked from commit ade370a4d7)
(cherry picked from commit 2d518aec4c)
2017-02-23 22:08:26 +00:00
Paul B Mahol
20789372da avcodec/shorten: support decoding AIFF-C variant
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-23 23:03:27 +01:00
Lou Logan
f5fa12d6ee doc/filters: mention 'ffmpeg -filters' in timeline section
So users can see which filters support the 'enable' option.

Signed-off-by: Lou Logan <lou@lrcd.com>
2017-02-23 10:44:11 -09:00
Paul B Mahol
45ed942e7e avcodec/scpr: improve check for out of range motion vectors
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-23 19:45:12 +01:00
Paul B Mahol
95a5af446b avcodec/scpr: check that current row is in valid range
Stops writing out of dst array.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-23 18:46:24 +01:00
Paul B Mahol
fd7af82c53 avcodec/scpr: do not allow out of array access for 16bit case
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-23 17:22:01 +01:00
Paul B Mahol
f062947261 avcodec/qdrw: do better w/h parsing for direct bit packing
Apparently using 0x0001 opcode solely is not correct.
Try this instead.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-23 15:20:24 +01:00
Rick Kern
dcd3418a35 lavc/videotoolboxenc: check for dictionary key symbols
Fixes #6081. Some dictionary keys are not present on OS X 10.8.
This loads the symbols and uses a default value if not present.

Signed-off-by: Rick Kern <kernrj@gmail.com>
2017-02-23 00:05:01 -05:00
Michael Niedermayer
9568b2e425 avcodec/h264_ps: Check chroma_qp_index_offset
Fixes: 647/clusterfuzz-testcase-5195745823031296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: BBB
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-23 02:37:55 +01:00
Jacek Manko
c104556448 avcodec/mips/Makefile: corrected conditional build of version 1 of vc1dsp optimizations for loongson mmi
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-23 02:37:55 +01:00
Carl Eugen Hoyos
6a22d2459d lavd/opengl_enc: Fix a typo. 2017-02-23 00:11:43 +01:00
Marton Balint
436f00b10c avcodec/wrapped_avframe: allocate a buffer with padding
This ensures that the wrapped avframe will not get reallocated later, which
would invalidate internal references such as extended data.

Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
2017-02-22 23:11:42 +01:00
Paul B Mahol
039011b6b0 avcodec: add ScreenPressor decoder
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-22 22:57:59 +01:00
Michael Niedermayer
ec849f637e avcodec/h264idct_template: Fix several runtime error: signed integer overflow
Fixes: 652/clusterfuzz-testcase-6174944410992640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 22:29:03 +01:00
Michael Niedermayer
6871df02d9 avcodec/mpeg4videodec: Check sprite_offset in addition to shifts
Fixes: 651/clusterfuzz-testcase-5710668915277824

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 22:29:03 +01:00
Michael Niedermayer
5a8fec1b33 avcodec/mpegaudiodec_template: Fix multiple runtime error: signed integer overflow
Fixes: 648/clusterfuzz-testcase-5337961317007360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 22:29:03 +01:00
Paul B Mahol
fb5c9be82e avcodec/qdrw: add support for 0x0001 code
Fixes decoding of files which sets frame width/height this way.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-22 21:24:26 +01:00
Paul B Mahol
2c5839254d avcodec/dnxhddec: fix decoding of DNxHR HQX 10-bit
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-22 21:21:52 +01:00
Mulvya
8b768f68b0 doc: drawtext options update
Remove nonexistant "draw" option.
Add undocumented "tc24hmax" timecode wrap option.

Signed-off-by: Mulvya <mulvya@gmail.com>
Signed-off-by: Lou Logan <lou@lrcd.com>
2017-02-22 10:38:53 -09:00
James Almer
a267cac928 avcodec/cbrt_data: add missing header include
Fixes make checkheaders
2017-02-22 14:36:26 -03:00
James Almer
65d7d46f71 avcodec/mjpegenc_huffman: add missing header include
Fixes make checkheaders
2017-02-22 14:36:11 -03:00
Paul B Mahol
3f878aaedf avcodec/flicvideo: update comment, 24bit support is implemented
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-22 15:45:06 +01:00
Michael Niedermayer
c93a07070a MAINTAINERS: Add ffmpeg-security alias members
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 13:44:34 +01:00
Michael Niedermayer
c9e3952b82 avcodec/rv34: Forward error from rv34_decode_mv()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 02:42:48 +01:00
Michael Niedermayer
6179dc8aa7 avcodec/mpeg4video: Fix runtime error: left shift of negative value
Fixes: 644/clusterfuzz-testcase-4726434209726464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 02:42:48 +01:00
Michael Niedermayer
92188c8f57 avcodec/dcadsp: Fix runtime error: signed integer overflow: 394625024 * 8 cannot be represented in type 'int'
Fixes: 643/clusterfuzz-testcase-5209078743695360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 02:42:48 +01:00
Michael Niedermayer
24f6559bd2 avcodec/rv34: Fix runtime error: signed integer overflow: -2 + -2147483648 cannot be represented in type 'int'
Fixes: 642/clusterfuzz-testcase-558358808074649

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-22 02:42:48 +01:00
James Almer
1ad60e4e70 avformat/matroskaenc: don't write DisplayUnit with value Unknown on WebM files
Value 4 (Unknown) is for the time being part of the Matroska spec but not
supported by WebM

Addresses ticket #6176
2017-02-21 21:15:51 -03:00
James Almer
d04e0a6bcf avcodec/qdrw: don't overwrite bpp when checking its value
Finishes fixing ticket #6171
2017-02-21 20:21:52 -03:00
Alex Converse
dde1bf074c aacdec: When ignoring a PCE restore the previous config
This is related to, but doesn't solve ticker 6152.
2017-02-21 15:12:16 -08:00
Carl Eugen Hoyos
2ac381088d lavd/opengl_enc: Support BGR48. 2017-02-22 00:10:25 +01:00
Paul B Mahol
770ac75ae9 avcodec/qdrw: add support for 2bpp and 4bpp packed pallette format
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-21 19:45:44 +01:00
Paul B Mahol
4e6b44559a avcodec/qdrw: fix writing past end of row
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-02-21 19:16:35 +01:00
Michael Niedermayer
631f748491 avcodec/ituh263dec: Fix runtime error: left shift of negative value -22
Fixes: 639/clusterfuzz-testcase-5143866241974272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-21 19:05:04 +01:00